<?php

class User_Controller_Auth extends Controller
{

	public function actionLogin($request, $response)
	{
		$auth = Zend_Auth::getInstance();
        
		$auth -> clearIdentity();

		$response -> form = $form = Agis::getForm('user@login');

		$viewer = Agis::getViewer();

		if ($request -> isPost() && $form -> isValid($request -> getPost()))
		{

			/**
			 * check authenticate.
			 */
			$values = $form -> getValues();

			$usr = (string)$values['usr'];
			$pwd = (string)$values['pwd'];

			$table = Agis::getTable('user@user');

			$user = $table -> fetchRow($table -> select() -> where('username=?', $usr) -> orWhere('email=?', $usr));

			if (is_object($user) && $user -> isValidPassword($pwd))
			{
				$auth -> getStorage() -> write($user -> getId());
				$url = Agis::getUrl('');
				header('location: ' . Agis::getUrl(''));
			}
		}
	}

	public function actionLogout($request, $response)
	{
		$auth = Zend_Auth::getInstance();
		$auth -> clearIdentity();
		header('location: ' . Agis::getUrl(''));
	}

	/**
	 * accept any.
	 */
	public function checkPermission($actionId, $user)
	{
		return 1;
	}

}
